Content Security Policy prevents content injection attacks by specifying valid sources of content for a site.
|Author:||Brandon Sterne (profile at wordpress.org)|
|WordPress version required:||2.9|
|WordPress version tested:||3.1.4|
|Added to WordPress repository:||18-05-2010|
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|Total downloads:||4 062|
Click to start download
The Content Security Policy plugin provides WordPress administrators a mechanism to specify a custom policy, or adopt a recommended policy based on the types and sources of content present in their site.
Tested in Firefox 3.6 and Firefox 4, Chrome 10, and Safari 5.
CSP configuration page in Safari.
New panel in media uploader allows direct creation of script files in the uploads directory.
CSP configuration page in Chrome.
CSP configuration page making a policy reccommendation.
- Updated to be compatible with WordPress 3.0 and WordPress 3.1
- Removed json.js (since WordPress ships w/ jQuery 1.4 now)
- Added “restore default settings” button
- Fixed a layout bug in the CSP Settings Page
- Fixed JSON encoding bug in the list of posts to analyze
- Fixed origin mismatch problem for https:// admin page users
- Initial release